Let’s Encrypt: Misrouted? Malfeasance?

If you see the above image, its an email from Let’s Encrypt. I get quite a few of these. However, this is not my domain (dash.labs.inductive.blue). My first thought was it was a phishing email, but, the unsubscribe link is correct.

My 2nd thought is that there is a hash collision. Perhapst he short hash of their certificate collided with one of mine?

Anyone have any other thoughts?


Your certificate (or certificates) for the names listed below will expire in 19 days (on 29 Apr 20 08:21 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.

We recommend renewing certificates automatically when they have a third of their
total lifetime left. For Let’s Encrypt’s current 90-day certificates, that means
renewing 30 days before expiration. See
https://letsencrypt.org/docs/integration-guide/ for details.


For any questions or support, please visit https://community.letsencrypt.org/. Unfortunately, we can’t provide support by email.

For details about when we send these emails, please visit https://letsencrypt.org/docs/expiration-emails/. In particular, note that this reminder email is still sent if you’ve obtained a slightly different certificate by adding or removing names. If you’ve replaced this certificate with a newer one that covers more or fewer names than the list above, you may be able to ignore this message.

If you are receiving this email in error, unsubscribe at http://mandrillapp.com/

The Let’s Encrypt Team






Leave a Reply

Your email address will not be published. Required fields are marked *